All Vulnerability Reports

USN-4215-1: NSS vulnerability


Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 16.04

Description

It was discovered that NSS incorrectly handled certain certificates. An attacker could possibly use this issue to cause a denial of service.

CVEs contained in this USN include: CVE-2019-17007

Affected VMware Products and Versions

Severity is medium unless otherwise noted.

  • Pivotal Operations Manager
    • 2.7.x versions prior to 2.7.8
    • 2.6.x versions prior to 2.6.18
    • 2.5.x versions prior to 2.5.26
  • Pivotal Greenplum for Kubernetes
    • All versions prior to 1.11.0

Mitigation

Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include:

  • Pivotal Operations Manager
    • 2.7.8
    • 2.6.18
    • 2.5.26
  • Pivotal Greenplum for Kubernetes
    • 1.11.0

References